Using the Web-based manager:
Go to System > Admin > Settings.
Make sure SCP is enabled
Go to System > Admin > Settings.
Make sure SCP is enabled
Go to System > Network > Interface.
Select the Edit icon for the interface you use for administrative access.
In the Administrative Access section, select the SSH check box.
Click OK.
Select the Edit icon for the interface you use for administrative access.
In the Administrative Access section, select the SSH check box.
Click OK.
Create a public-private key pair using a key generator tool compatible with your SCP client.
root@linux:~# ssh-keygen -t rsa -b 2048 -f /tmp/fw-001
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): ENTER
Enter same passphrase again: ENTER
Your identification has been saved in /tmp/fw-001.
Your public key has been saved in /tmp/fw-001.pub.
root@linux:~# ssh-keygen -t rsa -b 2048 -f /tmp/fw-001
Generating public/private rsa key pair.
Enter passphrase (empty for no passphrase): ENTER
Enter same passphrase again: ENTER
Your identification has been saved in /tmp/fw-001.
Your public key has been saved in /tmp/fw-001.pub.
Save the private key to the location on your computer where your SSH private keys are stored.
root@linux:~# mv /tmp/fw-001.pub /etc/
root@linux:~# mv /tmp/fw-001 /etc/fw-001.sec
root@linux:~# mv /tmp/fw-001.pub /etc/
root@linux:~# mv /tmp/fw-001 /etc/fw-001.sec
Connect to the fortigate using SSH.
root@linux:~# ssh admin@x.x.x.x
root@linux:~# ssh admin@x.x.x.x
config system admin
edit admin
set ssh-public-key1 “[paste content from /etc/fw-001.pub]”
end
edit admin
set ssh-public-key1 “[paste content from /etc/fw-001.pub]”
end
And you are done! 
To trigger the copy, run the following command from bash.
root@linux:~# scp -i /etc/fw-001.sec admin@x.x.x.x:sys_config /backup/fw-001.fg.bin
root@linux:~# scp -i /etc/fw-001.sec admin@x.x.x.x:sys_config /backup/fw-001.fg.bin
-------------------------------------------------------------------------------------------------------------
No comments:
Post a Comment